﻿<!--#Include file = "includes/SqlHelper.asp"-->
<!--#Include file = "includes/database.asp"-->
<!--#Include file = "includes/function.asp"-->
<!--#Include file = "includes/language.asp"-->
<!--#Include file = "includes/browser_page_encoding_inc.asp"-->
<!--#Include file = "includes/global_varaiable.asp"-->
<link href="css/default.css" rel="stylesheet" type="text/css" />
<%
'check injection
sRequest=Request.QueryString
if  instr(UCASE(sRequest),"UPDATE ")>0 or instr(UCASE(sRequest),"SELECT")>0 or instr(UCASE(sRequest),"DELETE")>0 or instr(UCASE(sRequest),"INSERT")>0 or instr(UCASE(sRequest),"#")>0 or instr(UCASE(sRequest),"adw95.com")>0 then
	Response.Write ("Ko duoc su dung cac query SQL tren URL!")	
	Response.End
end If

	wrongseat_warning=cfg_wrongseat_warning
	seatnum_title=cfg_seatnum_title
	row_title=cfg_row_title
	bookinstruction_warning=cfg_bookinstruction_warning
	chosefilm_title=cfg_chosefilm_title
	chosecinema_title=cfg_chosecinema_title
	chosedate_title=cfg_chosedate_title
	choseshowtime_title=cfg_choseshowtime_title
	

	dim cmd
	cmd=Request("cmd")
	eval(cmd)
	
	Function onChangedRapID()
		
		Session("status")="1"
		set rs = CreateObject("ADODB.Recordset")
		strSQL = "SELECT ParamID, Paramname, ParamValue FROM THAMSO"
		rs.Open strSQL, adoCon
		While not rs.EOF
			strParamname = "" & rs("Paramname")
			if strParamname = "BOOKING_HOUR_BEFORE" then
				strBeforeHour = "" & rs("ParamValue")
			elseif strParamname = "BOOKING_HOUR_AFTER" then
				strAfterHour = "" & rs("ParamValue")
			end if
	
		rs.MoveNext
		Wend
		rs.Close
		set rs = Nothing

		filmID = "" & Request("FilmID")

			set rs = CreateObject("ADODB.Recordset")
			if filmID <> "" then
			strSQL = "SELECT DISTINCT a.RoomID, a.RoomName FROM PHONGCHIEU a INNER JOIN SUATCHIEU b ON  a.RoomID = b.RoomID AND FilmID = " & EncodeSql(filmID) & " INNER JOIN GIOCHIEU c ON c.SessionID = b.SessionID "
			strSQL = strSQL & " AND dateadd(mi, c.MinuteStart, dateadd(hh, c.HourStart, DayShow) ) <= DATEADD(hh, " + strBeforeHour + ", convert(char(8), getdate(), 112))  AND dateadd(mi, c.MinuteStart, dateadd(hh, c.HourStart, DayShow) ) >= dateadd(hh," + strAfterHour + ",getdate()) "
			strSQL = strSQL & " ORDER BY a.RoomName"

				rs.Open strSQL, adoCon
				While not rs.EOF
				strRapID = "" & rs("RoomID")
				if rapID = strRapID then
				strTenRap = rs("RoomName")
%>
					<a href="def.ajax.asp?cmd=onChangedNgaychieu&FilmID=<%=filmID%>&RapID=<%=strRapID%>" class="echannel" target="ngaychieu" onclick="update_status()"><%=EncodeHtml(rs("RoomName"))%></a>
					<br>
				<%
					else
				%>
					<a href="def.ajax.asp?cmd=onChangedNgaychieu&FilmID=<%=filmID%>&RapID=<%=strRapID%>" class="echannel" target="ngaychieu" onclick="update_status()"><%=EncodeHtml(rs("RoomName"))%></a>
					<br>
				<%
					end if
				%>
				<%
					rs.MoveNext
					Wend
					rs.Close
					set rs = Nothing
					end if

	End Function

	Function onChangedNgaychieu()

		Session("status")="2"
		set rs = CreateObject("ADODB.Recordset")
		strSQL = "SELECT ParamID, Paramname, ParamValue FROM THAMSO"
		rs.Open strSQL, adoCon
		While not rs.EOF
			strParamname = "" & rs("Paramname")
			if strParamname = "BOOKING_HOUR_BEFORE" then
				strBeforeHour = "" & rs("ParamValue")
			elseif strParamname = "BOOKING_HOUR_AFTER" then
				strAfterHour = "" & rs("ParamValue")
			end if
	
		rs.MoveNext
		Wend
		rs.Close
		set rs = Nothing

		filmID = "" & Request("FilmID")
		rapID = "" & Request("RapID")

		if filmID <> "" and rapID <> "" then
			strSQL = "SELECT distinct convert(char(10), b.DayShow, 103) as StrDayShow, convert(char(10), b.DayShow, 101) as StrDayShowValue, b.DayShow FROM GIOCHIEU a INNER JOIN SUATCHIEU b ON a.SessionID = b.SessionID WHERE b.FilmID = " & EncodeSql(filmID)
			strSQL = strSQL & "  AND dateadd(mi, a.MinuteStart, dateadd(hh, a.HourStart, DayShow) ) <= DATEADD(hh, " + strBeforeHour + ", convert(char(8), getdate(), 112))  AND dateadd(mi, a.MinuteStart, dateadd(hh, a.HourStart, DayShow) ) >= dateadd(hh," + strAfterHour + ",getdate()) "
			strSQL = strSQL & " AND b.RoomID = " & EncodeSql(rapID)

			set rs = CreateObject("ADODB.Recordset")
			rs.Open strSQL, adoCon
			While not rs.EOF
			strNgaychieu = "" & rs("StrDayShow")
			strNgaychieuValue = "" & rs("StrDayShowValue")
			if ngaychieu = strNgaychieuValue then
%>
			<a href="def.ajax.asp?cmd=onChangedGiochieuID&FilmID=<%=filmID%>&RapID=<%=rapID%>&Ngaychieu=<%=strNgaychieuValue%>" class="echannel" target="suatchieu" onclick="update_status()"><%=strNgaychieu%></a><br>						

<%
			else
%>
			<a href="def.ajax.asp?cmd=onChangedGiochieuID&FilmID=<%=filmID%>&RapID=<%=rapID%>&Ngaychieu=<%=strNgaychieuValue%>" class="echannel" target="suatchieu" onclick="update_status()"><%=strNgaychieu%></a><br>
<%
			end if

			rs.MoveNext
			Wend
			rs.Close
			set rs = Nothing
			end if

	End Function


	Function onChangedGiochieuID()
	Session("status")="3"
		filmID = "" & Request("FilmID")
		rapID = "" & Request("RapID")
		ngaychieu = "" & Request("Ngaychieu")
		loadNgaychieu = "true"

		set rs = CreateObject("ADODB.Recordset")
		strSQL = "SELECT ParamID, Paramname, ParamValue FROM THAMSO"
		rs.Open strSQL, adoCon
		While not rs.EOF
			strParamname = "" & rs("Paramname")
			if strParamname = "BOOKING_HOUR_BEFORE" then
				strBeforeHour = "" & rs("ParamValue")
			elseif strParamname = "BOOKING_HOUR_AFTER" then
				strAfterHour = "" & rs("ParamValue")
			end if
	
		rs.MoveNext
		Wend
		rs.Close
		set rs = Nothing


		if filmID <> "" and rapID <> "" and ngaychieu <> "" and loadNgaychieu = "true" then
										
		strSQL = "SELECT distinct a.SessionID, a.Description FROM GIOCHIEU a INNER JOIN SUATCHIEU b ON a.SessionID = b.SessionID WHERE b.FilmID = " & EncodeSql(filmID)
		strSQL = strSQL & " AND dateadd(mi, a.MinuteStart, dateadd(hh, a.HourStart, DayShow) ) <= DATEADD(hh, " + strBeforeHour + ", convert(char(8), getdate(), 112))  AND dateadd(mi, a.MinuteStart, dateadd(hh, a.HourStart, DayShow) ) >= dateadd(hh," + strAfterHour + ",getdate()) "
		strSQL = strSQL & " AND b.RoomID = " & EncodeSql(rapID)
		strSQL = strSQL & " AND convert(char(10), b.DayShow , 101) = '" & EncodeSql(ngaychieu) & "' "
									

		set rs = CreateObject("ADODB.Recordset")
		rs.Open strSQL, adoCon
		While not rs.EOF
		strGiochieuID = "" & rs("SessionID")
		if giochieuID = strGiochieuID then
		
		Session("giochieu") = rs("Description")
%>
		<a href="def.ajax.asp?cmd=onSubmit&FilmID=<%=filmID%>&RapID=<%=rapID%>&Ngaychieu=<%=ngaychieu%>&GiochieuID=<%=strGiochieuID%>" class="echannel" onclick="update_status()"><%=EncodeHtml(rs("Description"))%></a><br>
<%
		else 
		Session("giochieu") = rs("Description")
%>
		<a href="def.ajax.asp?cmd=onSubmit&FilmID=<%=filmID%>&RapID=<%=rapID%>&Ngaychieu=<%=ngaychieu%>&GiochieuID=<%=strGiochieuID%>" class="echannel" onclick="update_status()"><%=EncodeHtml(rs("Description"))%></a><br>
<%
		end if

		rs.MoveNext
		Wend
		rs.Close
		set rs = Nothing
		end if

	End Function
	
	Function onSubmit()
	Session("status")="4"
		Session("filmID") = "" & Request("FilmID")
		Session("rapID") = "" & Request("RapID")
		Session("ngaychieu") = "" & Request("Ngaychieu")
		Session("giochieuID") = "" & Request("GiochieuID")
		
		Session("OK") = "true"
		
		Response.Write(vbCrLf & "<script language=""JavaScript"">")
		Response.Write(vbCrLf & "window.parent.location = 'default.asp'")
		Response.Write(vbCrLf & "</script>")
		
	End Function
%>

<script language="javascript">
function update_status() {
	 //parent.frames['status'].src='status.asp';
	 parent.document.getElementById('status').src='status.asp';
	}
</script>